Message ID | 20220805151325.14021-1-a@unstable.cc |
---|---|
State | Changes Requested |
Headers | show |
Series | [Openvpn-devel] dco: disable DCO if --allow-compress yes/asym was specified | expand |
Am 05.08.22 um 17:13 schrieb Antonio Quartulli: > Allowing compression means that we may accept a pushable compress > setting. > This scenario can't work with DCO therefore disable it when compression > is allowed. > Acked-By: Arne Schwabe <arne@rfc2549.org>
Hi, On Fri, Aug 05, 2022 at 05:13:25PM +0200, Antonio Quartulli wrote: > #if defined(USE_COMP) > - if (o->comp.alg != COMP_ALG_UNDEF) > + if (o->comp.alg != COMP_ALG_UNDEF > + || o->comp.flags & COMP_F_ALLOW_ASYM > + || o->comp.flags & COMP_F_ALLOW_COMPRESS) > { > - msg(msglevel, "Note: Using compression disables data channel offload."); > + msg(msglevel, "Note: Allowing or using compression disables data channel offload."); It does have an ACK, and it does what it promises to, but I do not like the message - as in, it's technically correct, but it could be a bit more helpful in regards to "what does the user need to do now?" What about > + msg(msglevel, "Note: '--allow-compression' is not set to 'no'. Disabling data channel offload."); so they know "ah, need to look for that option" (and either set it to "no" or remove it from the config). Yes, this is not mentioning "using compression" at all anymore, but this is indirectly handled - if you have "--allow-compression no", it will disallow use of "--compress <whatever>" on its own, so we do not need to mention it in the DCO specific part. gert
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index c40fe96f..31f8737f 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -352,9 +352,11 @@ dco_check_option_conflict(int msglevel, const struct options *o) } #if defined(USE_COMP) - if (o->comp.alg != COMP_ALG_UNDEF) + if (o->comp.alg != COMP_ALG_UNDEF + || o->comp.flags & COMP_F_ALLOW_ASYM + || o->comp.flags & COMP_F_ALLOW_COMPRESS) { - msg(msglevel, "Note: Using compression disables data channel offload."); + msg(msglevel, "Note: Allowing or using compression disables data channel offload."); if (o->mode == MODE_SERVER && !(o->comp.flags & COMP_F_MIGRATE)) {
Allowing compression means that we may accept a pushable compress setting. This scenario can't work with DCO therefore disable it when compression is allowed. Signed-off-by: Antonio Quartulli <a@unstable.cc> --- src/openvpn/dco.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)